[ovs-discuss] How to filter tagged frames in bridge?

Felipe Arturo Polanco felipeapolanco at gmail.com
Tue Aug 6 15:12:49 UTC 2019


This is for a hosting environment where we are using OVS bridges with KVM.

I have two interfaces bonded together with LACP and allowing two vlans.
VLAN 500 public and vlan 400 private.
The native vlan for this trunk port is Vlan 500*

I need to find a way to limit trunk access on the VMs when they are
connected to my bridge.
If I add a tap0 interface to ovsbr0, I can see tagged traffic which is not good.

I was thinking about adding a second bridge and connect both of them
using a patch port but I still need to find a way to filter tagged
frames and only allow untagged traffic on the second bridge.

Any ideas how can this be done?


More information about the discuss mailing list